Ceri Davies wrote: > I'd like to request a sponsor for bug 6339753, allowing nsswitch files > backends to use comments. > > The fix is seemingly trivial but I particularly want guidance on whether > comments should only be allowed when they begin a new line, in order to > avoid breaking existing databases.
I think this is quite a big issue. There is no defined comment char for some of these databases, including /etc/passwd and /etc/shadow. "Fixing" this effectively introduces a comment char. On the other hand for databases like user_attr(4), exec_attr(4), prof_attr(4) there is a defined comment char (and it is '#'). Simply allowing this via nsswitch is only part of the issue, what happens to all the tools that modify all the files backend nsswitch databases ? What should they do with comments ? I think this needs further discussion somewhere other than request-sponsor. Since this is mostly nameservices related I think the best alias is sparks-discuss@ however I also suspect that many of the security-discuss@ subscribers would be interested in this too. -- Darren J Moffat